wireguard-dashboard/http/middleware/authorization.go

package middleware

import (
	"github.com/gin-gonic/gin"
	"strings"
	"wireguard-ui/component"
	"wireguard-ui/global/constant"
	"wireguard-ui/http/response"
	"wireguard-ui/service"
	"wireguard-ui/utils"
)

// Authorization
// @description: 授权中间件
// @return gin.HandlerFunc
func Authorization() gin.HandlerFunc {
	return func(c *gin.Context) {
		token := c.GetHeader("Authorization")
		if token == "" || !strings.HasPrefix(token, "Bearer ") {
			response.R(c).AuthorizationFailed("未登陆")
			c.Abort()
			return
		}

		hashPassword := c.Request.Header.Get("X-TOKEN")
		if hashPassword == "" {
			response.R(c).AuthorizationFailed("未登陆")
			c.Abort()
			return
		}

		userClaims, err := component.JWT().ParseToken(token, hashPassword)
		if err != nil {
			response.R(c).AuthorizationFailed("未登陆")
			c.Abort()
			return
		}

		// 如果token的颁发者与请求的站点不一致那么就给它抬出去
		if userClaims.Issuer != utils.WebSite().GetHost(c.Request.Header.Get("Referer")) {
			response.R(c).AuthorizationFailed("未登陆")
			c.Abort()
			return
		}

		// 查询用户
		user, err := service.User().GetUserById(userClaims.ID)
		if err != nil {
			response.R(c).FailedWithError("用户不存在")
			c.Abort()
			return
		}

		if user.Status != constant.Enabled {
			response.R(c).FailedWithError("用户状态异常，请联系管理员处理！")
			c.Abort()
			return
		}

		// 将用户信息放入上下文
		c.Set("user", &user)
		c.Next()
	}
}
:toda: 2024-07-05 14:41:35 +08:00			`package middleware`

			`import (`
			`"github.com/gin-gonic/gin"`
			`"strings"`
			`"wireguard-ui/component"`
			`"wireguard-ui/global/constant"`
			`"wireguard-ui/http/response"`
			`"wireguard-ui/service"`
			`"wireguard-ui/utils"`
			`)`

			`// Authorization`
			`// @description: 授权中间件`
			`// @return gin.HandlerFunc`
			`func Authorization() gin.HandlerFunc {`
			`return func(c *gin.Context) {`
			`token := c.GetHeader("Authorization")`
			`if token == "" \|\| !strings.HasPrefix(token, "Bearer ") {`
			`response.R(c).AuthorizationFailed("未登陆")`
			`c.Abort()`
			`return`
			`}`

:art:双token校验 2024-07-12 10:11:37 +08:00			`hashPassword := c.Request.Header.Get("X-TOKEN")`
			`if hashPassword == "" {`
			`response.R(c).AuthorizationFailed("未登陆")`
			`c.Abort()`
			`return`
			`}`

			`userClaims, err := component.JWT().ParseToken(token, hashPassword)`
:toda: 2024-07-05 14:41:35 +08:00			`if err != nil {`
			`response.R(c).AuthorizationFailed("未登陆")`
			`c.Abort()`
			`return`
			`}`

:art:优化以下 2024-07-11 16:21:08 +08:00			`// 如果token的颁发者与请求的站点不一致那么就给它抬出去`
:toda: 2024-07-05 14:41:35 +08:00			`if userClaims.Issuer != utils.WebSite().GetHost(c.Request.Header.Get("Referer")) {`
			`response.R(c).AuthorizationFailed("未登陆")`
			`c.Abort()`
			`return`
			`}`

			`// 查询用户`
			`user, err := service.User().GetUserById(userClaims.ID)`
			`if err != nil {`
			`response.R(c).FailedWithError("用户不存在")`
			`c.Abort()`
			`return`
			`}`

			`if user.Status != constant.Enabled {`
			`response.R(c).FailedWithError("用户状态异常，请联系管理员处理！")`
			`c.Abort()`
			`return`
			`}`

			`// 将用户信息放入上下文`
			`c.Set("user", &user)`
			`c.Next()`
			`}`
			`}`